Just plugging in the ethernet cable is dangerous :)
I'm not suggesting creating any client-side code providing any type of
description of the database. Basically, I'm just suggesting that
CFFORM be combined, slightly, with CFINSERT/CFUPDATE so that on post
the CFFORM tag would realize it's posted to itself and invoke the
appropriate cfInsert/cfUpdate functionality. I imagine/hope the
underpinnings of these two tags (since they've been around awhile) use
parameterized queries (cfqueryparam), providing a good layer of data
security, and the client-side validation provided by CFFORM would
probably be "good enough" for anyone using this functionality.
I doubt I'd use it anywhere except on quick app I'd do for personal
use only, but ColdFusion has always been about abstracting complex
processes for easier use by less, um, hard-core developers, so why not
take that to the Nth and simpify data binding?
-joe
----- Original Message -----
From: Burns, John D <[EMAIL PROTECTED]>
Date: Tue, 29 Jun 2004 17:48:15 -0400
Subject: RE: Blackstone @ CF-FUN '04
To: CF-Talk <[EMAIL PROTECTED]>
This sounds like it could be dangerous though. If there was some sort
of code generated on the client side that could pass directly to some
kind of "auto-input" to a database, it seems like someone could spoof
the client and do some damage to your server or something. I wouldn't
like putting any kind of controls on the client side of things,
especially passing any kind of information about my database that
would be passed to the next page for an "auto-insert". Plus, I
usually like to do some kind of validation before anything goes into
the database.
John
________________________________
From: Joe Rinehart [mailto:[EMAIL PROTECTED]
Sent: Tue 6/29/2004 11:43 AM
To: CF-Talk
Subject: Re: Blackstone @ CF-FUN '04
Ben,
Thanks - forgot about the Drumbeat, that was a while back! Didn't
quite mean as far as auto-generating the form itself, just defining a
relationship between the form and a table, but, hey, the less we have
to do...
-joe________________________________
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
